I'm creating a public Pod which is using a private Pod. Here, if I try to push the public pod, it's showing some error messages like "Can't find the specification".
Is it possible to use the private Pod inside the public Pod?
No.
If one of your pods is private, that means it's only accessible to you. Since Pods are not like embedded libraries, the source code needs to be accessible to the host as well.
In essence, the dependencies should have a higher or an equal access level as the host project.
Related
Is it possible to specify or change the service account to be used when accessing the kube api from within the cluster using rest.InClusterConfig in golang?
It seems to use the default service account (or the service account the pod running is under) but i want to use another service account.
I am aware that i can use BuildConfigFromFlags and use the configs from a config file that may be tied to a service account, but i wanted to see if it is possible to override the service account with rest.InClusterConfig
In Kubernetes, a Pod (or multiple for the same service) has a ServiceAccount. That is the way it is designed.
This ServiceAccount can be a specific that you create, you don't have to use a default ServiceAccount in a Namespace.
If I want to publish a set of public pods, is there a way to group them under a company name to prevent collision with other pods and to be clear these pods are from the expected company?
I see Firebase is able to do this https://cocoapods.org/pods/Firebase but I don't see anything different in their .podspecs that would distinguish this unless it's all based on the spec.author name or the name we set up when we register with trunk?
If we can do this, how do we add maintainers to this group?
CocoaPods trunk is a flat namespace and has no grouping mechanism other than strings, which are really only a convention.
The Firebase is an umbrella pod with a set of subspecs that reference other pods that are by convention prefixed with the "Firebase" string. For example the Firebase/Storage subspec depends on the FirebaseStorage pod.
From go 1.13, go modules uses https://proxy.golang.org/ to cache repositories. Consider that I have a private repository as a go module in github.com/Ihtkas/libraries and I imported the module in another local go code sort.go. When I build the local code with GIT_TERMINAL_PROMPT=1, go builds the sort.go with my login credentials for the local repository. In this case, does go caches the private repository in proxy.golang.com? When someone else imports the same private package and uses valid credentials to access the package, is the package in private repo served from proxy.golang.com with just authentication forwarded to github.com?
My exact question is
Does go in anyway hold the private repo code in proxy server?
From https://index.golang.org:
If I don't set GOPRIVATE and request a private module from these services, what leaks?
The proxy and checksum database protocols only send module paths and versions to the remote server. If you request a private module, the mirror will try to download it just as any Go user would and fail in the same way. Information about failed requests isn't published anywhere. The only trace of the request will be in internal logs, which are governed by the privacy policy.
With GOPRIVATEworking as described at https://golang.org/cmd/go/#hdr-Module_configuration_for_non_public_modules
The GOPRIVATE environment variable controls which modules the go command considers to be private (not available publicly) and should therefore not use the proxy or checksum database. The variable is a comma-separated list of glob patterns (in the syntax of Go's path.Match) of module path prefixes. For example,
GOPRIVATE=*.corp.example.com,rsc.io/private
causes the go command to treat as private any module with a path prefix matching either pattern, including git.corp.example.com/xyzzy, rsc.io/private, and rsc.io/private/quux.
To sum it up: if it is a private module, the proxy services tries to access it and will fail. I assume Go then will fall back to access it directly, circumventing the proxy altogether. To prevent this roundtrip, add your private repositories to GOPRIVATE and if you still are concerned about it, use something like wireshark to make double sure that your private modules are accessed directly.
I'm having an issue where some of my Pods are on CrashLoopBackOff when I try to deploy CAM from the Catalog. I also followed the instructions in the IBM documentation to clear the data from PVs (By doing rm -Rf /export/CAM_db/*) and purge the previous installations of CAM.
Here are the pods that are on CrashLoopBackOff:
Cam Pods
Here's the specific error when I describe the pod:
MongoDB Pod
Ro-
It is almost always the case that if the cam-mongo pod does not come up properly, the issue is with the PV unable to mount/read/access the actual disk location or the data itself which is on the PV.
Since your pod events indicates container image already exists, and scoped to the store, it seems like you have already tried before to install CAM and its using CE version from the Docker store, correct?
If a prior deploy did not go well, do clean up the disk locations as per the doc,
https://www.ibm.com/support/knowledgecenter/SS2L37_3.1.0.0/cam_uninstalling.html
but like you showed I can see you already tried by cleaning CAM_db, so do the same for the CAM_logs, CAM_bpd and CAM_terraform locations.
Make a note of our install troubleshooting section as it describes a few scenarios in which CAM mongo can be impacted:
https://www.ibm.com/support/knowledgecenter/SS2L37_3.1.0.0/ts_cam_install.html
in the bottom of the PV Create topic, we provide some guidance around the NFS mount options that work best, please review it:
https://www.ibm.com/support/knowledgecenter/SS2L37_3.1.0.0/cam_create_pv.html
Hope this helps you make some forward progress!
The postStart error you can effectively ignore, it means mongo container probably failed to start, so it kills a post script.
This issue usually is due to NFS configuration issue.
I would recommend you to try the troubleshooting steps here in the section that has cam-mongo pod is in CrashLoopBackoff
https://www.ibm.com/support/knowledgecenter/SS2L37_3.1.0.0/ts_cam_install.html
If it's NFS, typically it's things like
-no_root_squash is missing on base directory
-fsid=0 needs to be removed on the base directory for that setup
-folder permissions.
Note. I have seen another customer experiencing this issue and the problem was caused by NFS: there were .snapshot file there already, they have to remove it at first.
I have built a real-time database messenger in Swift 2.3 using Firebase 3.6.0 and JSQMessagesViewController pod.
At the moment I can send and receive messages from different devices that have the application installed from Xcode but unfortunately I'm unable to edit or remove the messages in the MessengerViewController where the JSQMessagesViewController pod is being used.
How can I go about doing this? I've included an example of my dilemma to further illustrate what my problem seems to be. I know I may have to do something with my Firebase database in my code to remove or edit these messages but I can't seem to wrap my head around how to go about doing it.
At the moment, the only way I can remove messages from the MessengerViewController is if I go into my database from my Firebase console and manually delete the data.
Also, I'm using the following pods:
pod 'JSQMessagesViewController'
pod 'Firebase/Database'
pod 'Firebase/Auth' (my application uses user authentication)
pod 'Firebase/Core'
pod 'Firebase/Messaging' (my application also includes cloud messaging to send push notifications from the Firebase console)
I'm wondering if maybe I should've also used pod 'Firebase/Storage' ðŸ’
You just need to add a handle on to the message. This handle will trigger an action and since you triggered it off a specific message you can look the message up by ID and call the appropriate delete method to have firebase remove it from your database. But I would actually just suggest you tag the message as deleted and then if that tag exists on a message you do not display it client side. But that is really up to you.